Shape the future of IBM Security Verify
We invite you to shape the future of IBM, including the product roadmap, by submitting ideas that matter to you the most.
Here's how it works:
Post your ideas
Start by posting ideas and requests to enhance a product or service. Take a look at ideas others have posted and upvote them if they matter to you,
Post an idea
Upvote ideas that matter most to you
Get feedback from the IBM team to refine your idea
Submit a private idea
If you have confidential information or customer data to share with your idea, then - DO NOT submit using the link below, instead - please open a private feature request.
And finally - if its an issue with expected behaviour, a product defect or a support need, open a Support Case
There is not currently a way to restrict access to the Web Services function from Integrations such a Remote Desktop Manager, without at the same time, also breaking the Web Session Recording feature.
By clicking the "Post Comment" or "Submit Idea" button, you are agreeing to the IBM Ideas Portal Terms of Use.
Do not place IBM confidential, company confidential, or personal information into any field.
This Enhancement will be closed in this system, as this is the tracking tool for IBM Security Verify SaaS, it will be tracked however by an internal process.
Thanks!
Hi Adam,
Let me provide a suggestion on how I would do it in a simple way to highlight what I see as a needed option.
Copy the existing webservices api and give it a new name like nativeservices.
Move the SS features of Web Session Recording and perhaps the Remote Connection Manager to use this new api/call/hook.
Now provide a toggle option to enable and disable this nativeservices in the same way I can disable webservices.
This now gives me the ability to "Separate SV Launcher Tools access to Web Services from that of 3rd Party Integrations".
I can then turn off products like RDM from Devolutions should I choose to, without breaking the WebSesssion recording features that currently rely on this shared service.
Trusted applications would be Web Session Recording call, RCM from Thy and IBM environment equivalent.
Confirming this is a SS RFE. At the moment, 3rd party programs such as Devolutions Remote Desktop Manager can communicate with the SS.
The only way to stop this 3rd party access, is to turn off the Web Services function. When this action is taken to secure the SS, it breaks the use of the SS launcher tools.
It would be good to have a boundary of privilege, so that trusted internal parts of SS, like the Launchers and Web Session recording continue to function.
It is undesirable to have to disable a SS feature to stop a 3rd party getting access.
We just want to clarify here as the idea that was submitted seems to be for another product. We believe that this is an RFE for IBM Secret Server, is that correct?